This repository has been archived by the owner. It is now read-only.
Switch branches/tags
Find file Copy path
Fetching contributors…
Cannot retrieve contributors at this time
106 lines (89 sloc) 3.88 KB
body file control
namespace => "cfdc_etc_hosts";
# Used for enforcing the complete contents of /etc/hosts
# Warning: This is somewhat draconian, but it might be more desireable
# than distributing a hand edited file since the definition of each element
# can have a comment for knowledge management attached to it.
# This bundle should only be called once per host in a policy!
# There are many different ways to use this bundle, you could call it per
# host, or you could define a master /etc/hosts list just be careful and
# choose one, not both.
# Would be nice to remove duplicate lines, as far as I know the only problem
# duplicate lines causes is making my head hurt so its not high priority
# The config passed in is considered to be completely authoritative minus 3
# exceptions
# 1. Any line beginning with will never be deleted by this bundle,
# only replaced if you provide an entry for it
# 2. Any line beginning with # comments will never be deleted by this bundle,
# only replaced if you stuff a # comment into the array index. But you
# shouldn't, do that unexpected things might happen.
# 3. Any line beginning with ::1 will never be deleted by this bundle, only
# replaced if you provide an entry for it
bundle agent configure(runenv, metadata, hostfile, defined_only, hosts)
#@include "REPO/sketch_template/"
"ip" slist => getindices("$(hosts)"),
comment => "We need the list of IPs to look for in the hosts file";
"CFEnotice" string => "# This file is managed by CFEngine, manual edits will be reverted",
comment => "It's nice to let people know why the file keep magically reverting on them";
"defined_only" expression => strcmp($(defined_only), "1");
create => "true",
edit_line => default:set_line_based("cfdc_etc_hosts:configure.hosts",
" ",
classes => default:scoped_classes_generic("bundle", "converged"),
comment => "Fix hosts entry to be as defined.";
# We only need to delete nonmanaged entries if we specify the
# defined_only flag
edit_line => delete_nonmanaged("@(configure.ip)"),
comment => "Delete lines that do not match our managed ip list";
create => "true",
edit_line => default:prepend_if_no_line("$(CFEnotice)"),
comment => "Notice that the file is managed by CFEngine";
# I have no idea what windows permissions should be for this file
perms => default:mog("644", "root", "root"),
comment => "Set proper permissions so everyone can read it";
"$(dcbundle): only the defined hosts will be left in $(hostfile)";
"$(dcbundle): the defined hosts will be added to $(hostfile)";
"$(dcbundle): given hosts: $(ip) $(config[$(ip)])";
"$(hostfile)" bundle_return_value_index => "file";
"" bundle_return_value_index => "file";
bundle edit_line delete_nonmanaged(ips)
"regex" string => join ("|", ips),
comment => "Or the escaped ips together so we can delete all others.";
# This is the negative look ahead, and what would need tweaked
# if you don't like the behavior. Specifically it's identifying
# our list of ips followed by a space, as well as # comment or
# localhost and deleting everything else
comment => "Delete lines do not match our ips or are not comments";